Actions
Bug #2395
closed
Digest<Hash>::operator== is vulnerable to timing attack
Start date:
01/18/2015
Due date:
% Done:
100%
Estimated time:
Description
Digest<Hash>::operator== uses Block::operator== which uses std::equals which is not a constant-time algorithm.
Digest is often used in security related context, but a non-constant-time Digest<Hash>::operator== is vulnerable to timing attack.
Possible solutions:
- either implement
Digest<Hash>::operator==using a constant-time algorithm, see http://codahale.com/a-lesson-in-timing-attacks/ - or add
\warning This method cannot be used in security related context because it is vulnerable to timing attackto Doxygen block
Updated by Alex Afanasyev about 9 years ago
For me, warning is more than enough. I think this class is not intended to be used in security context, at least the current usages are not security-related.
Updated by Junxiao Shi about 9 years ago
- Status changed from New to In Progress
- Assignee set to Junxiao Shi
- Target version set to v0.3
Updated by Junxiao Shi about 9 years ago
- Status changed from In Progress to Code review
- % Done changed from 0 to 100
Updated by Alex Afanasyev about 9 years ago
- Status changed from Code review to Closed
Actions